Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Bump to GoLang v1.20 #1689

Merged
merged 9 commits into from
Jul 23, 2023
Merged

chore: Bump to GoLang v1.20 #1689

merged 9 commits into from
Jul 23, 2023

Conversation

shahzadlone
Copy link
Member

@shahzadlone shahzadlone commented Jul 22, 2023
edited
Loading

Relevant issue(s)

Description

  • This is a routine version bump of GoLang, the previous bump was done in (chore: Bump to GoLang v1.19 #818)
  • This PR also introduces a new workflow action (not-mandatory to pass in order to merge) that was showing some vulnerabilities pre-version-bump, all of the vulnerabilities were resolved once the golang version was bumped. In future this trigger will be used to bump golang versions.
  • Also updates the golang version for AWS AMI generation.

Note:

How has this been tested?

  • Added action that failed with vulnerabilities.
  • Bumped version.
  • Vulnerabilities were resolved and action passed.

Specify the platform(s) on which this was tested:

  • Arch Linux

@shahzadlone shahzadlone added ci/build This is issue is about the build or CI system, and the administration of it. code quality Related to improving code quality bump Bumped version for something labels Jul 22, 2023
@shahzadlone shahzadlone added this to the DefraDB v0.6 milestone Jul 22, 2023
@shahzadlone shahzadlone self-assigned this Jul 22, 2023
@source-devs
Copy link

Terraform Format and Style success

Terraform Initialization success

Terraform Validation success

Terraform Plan success

Show Plan 

Terraform Plan Output:
data.aws_ami.ami: Reading...
aws_security_group.sg: Refreshing state... [id=sg-03ba6f1f9cd118f43]
data.aws_ami.ami: Read complete after 0s [id=ami-090df366ae87f905c]
aws_instance.instance: Refreshing state... [id=i-0861cf88407e45be4]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

# aws_instance.instance must be replaced
-/+ resource "aws_instance" "instance" {
    ~ ami                                  = "ami-0aec60e193aa9f7f0" -> "ami-090df366ae87f905c" # forces replacement
    ~ arn                                  = "arn:aws:ec2:us-east-1:575155546886:instance/i-0861cf88407e45be4" -> (known after apply)
    ~ associate_public_ip_address          = true -> (known after apply)
    ~ availability_zone                    = "us-east-1c" -> (known after apply)
    ~ cpu_core_count                       = 1 -> (known after apply)
    ~ cpu_threads_per_core                 = 1 -> (known after apply)
    ~ disable_api_stop                     = false -> (known after apply)
    ~ disable_api_termination              = false -> (known after apply)
    ~ ebs_optimized                        = false -> (known after apply)
    - hibernation                          = false -> null
    + host_id                              = (known after apply)
    + host_resource_group_arn              = (known after apply)
    + iam_instance_profile                 = (known after apply)
    ~ id                                   = "i-0861cf88407e45be4" -> (known after apply)
    ~ instance_initiated_shutdown_behavior = "stop" -> (known after apply)
    ~ instance_state                       = "running" -> (known after apply)
    ~ ipv6_address_count                   = 0 -> (known after apply)
    ~ ipv6_addresses                       = [] -> (known after apply)
    ~ monitoring                           = false -> (known after apply)
    + outpost_arn                          = (known after apply)
    + password_data                        = (known after apply)
    + placement_group                      = (known after apply)
    ~ placement_partition_number           = 0 -> (known after apply)
    ~ primary_network_interface_id         = "eni-08a3ca5679d535293" -> (known after apply)
    ~ private_dns                          = "ip-172-31-80-89.ec2.internal" -> (known after apply)
    ~ private_ip                           = "172.31.80.89" -> (known after apply)
    ~ public_dns                           = "ec2-18-212-67-74.compute-1.amazonaws.com" -> (known after apply)
    ~ public_ip                            = "18.212.67.74" -> (known after apply)
    ~ secondary_private_ips                = [] -> (known after apply)
    ~ subnet_id                            = "subnet-0bc2e025" -> (known after apply)
      tags                                 = {
          "environment"  = "dev"
          "organization" = "source"
      }
    ~ tenancy                              = "default" -> (known after apply)
    + user_data                            = (known after apply)
    + user_data_base64                     = (known after apply)
    ~ vpc_security_group_ids               = [
        - "sg-03ba6f1f9cd118f43",
      ] -> (known after apply)
      # (7 unchanged attributes hidden)

    ~ capacity_reservation_specification {
        ~ capacity_reservation_preference = "open" -> (known after apply)

        + capacity_reservation_target {
            + capacity_reservation_id                 = (known after apply)
            + capacity_reservation_resource_group_arn = (known after apply)
          }
      }

    - credit_specification {
        - cpu_credits = "standard" -> null
      }

    + ebs_block_device {
        + delete_on_termination = (known after apply)
        + device_name           = (known after apply)
        + encrypted             = (known after apply)
        + iops                  = (known after apply)
        + kms_key_id            = (known after apply)
        + snapshot_id           = (known after apply)
        + tags                  = (known after apply)
        + throughput            = (known after apply)
        + volume_id             = (known after apply)
        + volume_size           = (known after apply)
        + volume_type           = (known after apply)
      }

    ~ enclave_options {
        ~ enabled = false -> (known after apply)
      }

    + ephemeral_block_device {
        + device_name  = (known after apply)
        + no_device    = (known after apply)
        + virtual_name = (known after apply)
      }

    ~ maintenance_options {
        ~ auto_recovery = "default" -> (known after apply)
      }

    ~ metadata_options {
        ~ http_endpoint               = "enabled" -> (known after apply)
        ~ http_put_response_hop_limit = 1 -> (known after apply)
        ~ http_tokens                 = "optional" -> (known after apply)
        ~ instance_metadata_tags      = "disabled" -> (known after apply)
      }

    + network_interface {
        + delete_on_termination = (known after apply)
        + device_index          = (known after apply)
        + network_card_index    = (known after apply)
        + network_interface_id  = (known after apply)
      }

    ~ private_dns_name_options {
        ~ enable_resource_name_dns_a_record    = false -> (known after apply)
        ~ enable_resource_name_dns_aaaa_record = false -> (known after apply)
        ~ hostname_type                        = "ip-name" -> (known after apply)
      }

    ~ root_block_device {
        ~ delete_on_termination = true -> (known after apply)
        ~ device_name           = "/dev/sda1" -> (known after apply)
        ~ encrypted             = false -> (known after apply)
        ~ iops                  = 100 -> (known after apply)
        + kms_key_id            = (known after apply)
        ~ tags                  = {} -> (known after apply)
        ~ throughput            = 0 -> (known after apply)
        ~ volume_id             = "vol-07158d9693e5103ba" -> (known after apply)
        ~ volume_size           = 8 -> (known after apply)
        ~ volume_type           = "gp2" -> (known after apply)
      }
  }

Plan: 1 to add, 0 to change, 1 to destroy.

Changes to Outputs:
~ ec2instance = "i-0861cf88407e45be4" -> (known after apply)
~ ip          = "18.212.67.74" -> (known after apply)

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
Releasing state lock. This may take a few moments...

Pushed By: @shahzadlone
SHA: 28d0704ebc2ac1c98c544e5c0b32efc45e2fe892

@shahzadlone shahzadlone mentioned this pull request Jul 22, 2023
Closed
@source-devs
Copy link

Terraform Format and Style success

Terraform Initialization success

Terraform Validation success

Terraform Plan success

Show Plan 

Terraform Plan Output:
data.aws_ami.ami: Reading...
aws_security_group.sg: Refreshing state... [id=sg-03ba6f1f9cd118f43]
data.aws_ami.ami: Read complete after 0s [id=ami-090df366ae87f905c]
aws_instance.instance: Refreshing state... [id=i-0861cf88407e45be4]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

# aws_instance.instance must be replaced
-/+ resource "aws_instance" "instance" {
    ~ ami                                  = "ami-0aec60e193aa9f7f0" -> "ami-090df366ae87f905c" # forces replacement
    ~ arn                                  = "arn:aws:ec2:us-east-1:575155546886:instance/i-0861cf88407e45be4" -> (known after apply)
    ~ associate_public_ip_address          = true -> (known after apply)
    ~ availability_zone                    = "us-east-1c" -> (known after apply)
    ~ cpu_core_count                       = 1 -> (known after apply)
    ~ cpu_threads_per_core                 = 1 -> (known after apply)
    ~ disable_api_stop                     = false -> (known after apply)
    ~ disable_api_termination              = false -> (known after apply)
    ~ ebs_optimized                        = false -> (known after apply)
    - hibernation                          = false -> null
    + host_id                              = (known after apply)
    + host_resource_group_arn              = (known after apply)
    + iam_instance_profile                 = (known after apply)
    ~ id                                   = "i-0861cf88407e45be4" -> (known after apply)
    ~ instance_initiated_shutdown_behavior = "stop" -> (known after apply)
    ~ instance_state                       = "running" -> (known after apply)
    ~ ipv6_address_count                   = 0 -> (known after apply)
    ~ ipv6_addresses                       = [] -> (known after apply)
    ~ monitoring                           = false -> (known after apply)
    + outpost_arn                          = (known after apply)
    + password_data                        = (known after apply)
    + placement_group                      = (known after apply)
    ~ placement_partition_number           = 0 -> (known after apply)
    ~ primary_network_interface_id         = "eni-08a3ca5679d535293" -> (known after apply)
    ~ private_dns                          = "ip-172-31-80-89.ec2.internal" -> (known after apply)
    ~ private_ip                           = "172.31.80.89" -> (known after apply)
    ~ public_dns                           = "ec2-18-212-67-74.compute-1.amazonaws.com" -> (known after apply)
    ~ public_ip                            = "18.212.67.74" -> (known after apply)
    ~ secondary_private_ips                = [] -> (known after apply)
    ~ subnet_id                            = "subnet-0bc2e025" -> (known after apply)
      tags                                 = {
          "environment"  = "dev"
          "organization" = "source"
      }
    ~ tenancy                              = "default" -> (known after apply)
    + user_data                            = (known after apply)
    + user_data_base64                     = (known after apply)
    ~ vpc_security_group_ids               = [
        - "sg-03ba6f1f9cd118f43",
      ] -> (known after apply)
      # (7 unchanged attributes hidden)

    ~ capacity_reservation_specification {
        ~ capacity_reservation_preference = "open" -> (known after apply)

        + capacity_reservation_target {
            + capacity_reservation_id                 = (known after apply)
            + capacity_reservation_resource_group_arn = (known after apply)
          }
      }

    - credit_specification {
        - cpu_credits = "standard" -> null
      }

    + ebs_block_device {
        + delete_on_termination = (known after apply)
        + device_name           = (known after apply)
        + encrypted             = (known after apply)
        + iops                  = (known after apply)
        + kms_key_id            = (known after apply)
        + snapshot_id           = (known after apply)
        + tags                  = (known after apply)
        + throughput            = (known after apply)
        + volume_id             = (known after apply)
        + volume_size           = (known after apply)
        + volume_type           = (known after apply)
      }

    ~ enclave_options {
        ~ enabled = false -> (known after apply)
      }

    + ephemeral_block_device {
        + device_name  = (known after apply)
        + no_device    = (known after apply)
        + virtual_name = (known after apply)
      }

    ~ maintenance_options {
        ~ auto_recovery = "default" -> (known after apply)
      }

    ~ metadata_options {
        ~ http_endpoint               = "enabled" -> (known after apply)
        ~ http_put_response_hop_limit = 1 -> (known after apply)
        ~ http_tokens                 = "optional" -> (known after apply)
        ~ instance_metadata_tags      = "disabled" -> (known after apply)
      }

    + network_interface {
        + delete_on_termination = (known after apply)
        + device_index          = (known after apply)
        + network_card_index    = (known after apply)
        + network_interface_id  = (known after apply)
      }

    ~ private_dns_name_options {
        ~ enable_resource_name_dns_a_record    = false -> (known after apply)
        ~ enable_resource_name_dns_aaaa_record = false -> (known after apply)
        ~ hostname_type                        = "ip-name" -> (known after apply)
      }

    ~ root_block_device {
        ~ delete_on_termination = true -> (known after apply)
        ~ device_name           = "/dev/sda1" -> (known after apply)
        ~ encrypted             = false -> (known after apply)
        ~ iops                  = 100 -> (known after apply)
        + kms_key_id            = (known after apply)
        ~ tags                  = {} -> (known after apply)
        ~ throughput            = 0 -> (known after apply)
        ~ volume_id             = "vol-07158d9693e5103ba" -> (known after apply)
        ~ volume_size           = 8 -> (known after apply)
        ~ volume_type           = "gp2" -> (known after apply)
      }
  }

Plan: 1 to add, 0 to change, 1 to destroy.

Changes to Outputs:
~ ec2instance = "i-0861cf88407e45be4" -> (known after apply)
~ ip          = "18.212.67.74" -> (known after apply)

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

Pushed By: @shahzadlone
SHA: 8b9c28de4993ee5ff273a0b3bf3f73ed18de8920

@shahzadlone shahzadlone requested a review from a team July 22, 2023 10:53
@codecov
Copy link

codecov bot commented Jul 22, 2023

Codecov Report

Patch coverage has no change and project coverage change: +0.11 🎉

Comparison is base (bc8ada9) 75.29% compared to head (8b9c28d) 75.40%.

Impacted file tree graph

@@             Coverage Diff             @@
##           develop    #1689      +/-   ##
===========================================
+ Coverage    75.29%   75.40%   +0.11%     
===========================================
  Files          208      208              
  Lines        21694    21694              
===========================================
+ Hits         16333    16357      +24     
+ Misses        4220     4199      -21     
+ Partials      1141     1138       -3
Flag Coverage Δ
all-tests 75.40% <ø> (+0.11%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 6 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bc8ada9...8b9c28d. Read the comment docs.

fredcarle
fredcarle approved these changes Jul 22, 2023
View reviewed changes
Copy link
Collaborator

@fredcarle fredcarle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks for doing that change. It will be good to avoid potential vulnerabilities in the future.

shahzadlone
shahzadlone commented Jul 23, 2023
View reviewed changes
tests/bench/bench_util.go
Comment on lines -46 to -50
// create a consistent seed value for the random package
// so we don't have random fluctuations between runs
// (specifically thinking about the fixture generation stuff)
seed := hashToInt64("https://xkcd.com/221/")
rand.Seed(seed)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jsimnz Do you see value in having a consistent seed and passing it the place where the random generation happens (as now it's not a global thing but a local object we would have to pass around with an initiated seed).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Made issue for tracking: #1690

@shahzadlone shahzadlone merged commit 912824e into develop Jul 23, 2023
@shahzadlone shahzadlone deleted the bump_go_version_to_1.20 branch July 23, 2023 12:09
@shahzadlone shahzadlone mentioned this pull request Jul 23, 2023
Open
@shahzadlone shahzadlone mentioned this pull request Jan 12, 2024
Merged
shahzadlone added a commit that referenced this pull request Jan 19, 2024
@shahzadlone
chore: Bump to GoLang v1.21 (#2195)
6d4bcc7 
## Relevant issue(s)
- Resolves #2194
- Resolves #2196


## Description
- This is a routine version bump of GoLang, the previous bump was done
in (#1689)
- Also updates the golang version for AWS AMI generation.
- Updated the `ONLY_DEFRADB_REPO_CI_PAT` token as the terraform build
would fail otherwise as the token expired starting of this year.
shahzadlone added a commit to shahzadlone/defradb that referenced this pull request Jan 22, 2024
@shahzadlone
chore: Bump to GoLang v1.21 (sourcenetwork#2195)
60ba35e 
## Relevant issue(s)
- Resolves sourcenetwork#2194
- Resolves sourcenetwork#2196


## Description
- This is a routine version bump of GoLang, the previous bump was done
in (sourcenetwork#1689)
- Also updates the golang version for AWS AMI generation.
- Updated the `ONLY_DEFRADB_REPO_CI_PAT` token as the terraform build
would fail otherwise as the token expired starting of this year.
nasdf pushed a commit to nasdf/defradb that referenced this pull request Jan 23, 2024
@shahzadlone @nasdf
chore: Bump to GoLang v1.21 (sourcenetwork#2195)
39a8fda 
## Relevant issue(s)
- Resolves sourcenetwork#2194
- Resolves sourcenetwork#2196


## Description
- This is a routine version bump of GoLang, the previous bump was done
in (sourcenetwork#1689)
- Also updates the golang version for AWS AMI generation.
- Updated the `ONLY_DEFRADB_REPO_CI_PAT` token as the terraform build
would fail otherwise as the token expired starting of this year.
shahzadlone added a commit to shahzadlone/defradb that referenced this pull request Feb 23, 2024
@shahzadlone
chore: Bump to GoLang v1.20 (sourcenetwork#1689)
6f2f8dd 
## Relevant issue(s)
- Resolves sourcenetwork#522
- Resolves sourcenetwork#1687 

## Description
- This is a routine version bump of GoLang, the previous bump was done
in (sourcenetwork#818)
- This PR also introduces a new workflow action (not-mandatory to pass
in order to merge) that was showing some vulnerabilities
pre-version-bump, all of the vulnerabilities were resolved once the
golang version was bumped. In future this trigger will be used to bump
golang versions.
- Also updates the golang version for AWS AMI generation.

Note:
- Before the bump we had 13 vulnerabilities:
https://github.com/sourcenetwork/defradb/actions/runs/5629964770/job/15255493129?pr=1688
- After the bump: passing with no vulnerabilities.


## How has this been tested?
- Added action that failed with vulnerabilities.
- Bumped version.
- Vulnerabilities were resolved and action passed.

Specify the platform(s) on which this was tested:
- Arch Linux
shahzadlone added a commit to shahzadlone/defradb that referenced this pull request Feb 23, 2024
@shahzadlone
chore: Bump to GoLang v1.21 (sourcenetwork#2195)
efe0dd5 
## Relevant issue(s)
- Resolves sourcenetwork#2194
- Resolves sourcenetwork#2196


## Description
- This is a routine version bump of GoLang, the previous bump was done
in (sourcenetwork#1689)
- Also updates the golang version for AWS AMI generation.
- Updated the `ONLY_DEFRADB_REPO_CI_PAT` token as the terraform build
would fail otherwise as the token expired starting of this year.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fredcarle fredcarle fredcarle approved these changes

Assignees

@shahzadlone shahzadlone

Labels
bump Bumped version for something ci/build This is issue is about the build or CI system, and the administration of it. code quality Related to improving code quality
Projects
None yet
Milestone
DefraDB v0.6
Development

Successfully merging this pull request may close these issues.

Bump go version to v1.20 Use govulncheck in CI
3 participants
@shahzadlone @source-devs @fredcarle